Question No: 241 – (Topic 3)

Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where Mal-User is located. All other traffic should be permitted.

Which firewall filter configuration do you use?

[edit firewall family inet filter STOP-MAL-USER] user@router# show

term one { from {

source-address { 200.200.200.0/24;

}

destination-address { 100.100.100.10/32;

}

protocoltcp; destination-port http;

}

then accept;

}

term two { then { reject;

}

}

[edit firewall family inet filter STOP-MAL-USER] user@router# show

term one { from {

source-address { 100.100.100.0/24;

}

destination-address { 200.200.200.1/32;

}

protocoltcp; destination-port http;

}

then accept;

}

term two { then { reject;

}

}

[edit firewall family inet filter STOP-MAL-USER] user@router# show

term one {

from {

source-address { 100.100.100.0/24;

}

destination-address { 200.200.200.1/32;

}

protocoltcp; destination-port http;

}

then reject;

}

term two { then { accept;

}

}

[edit firewall family inet filter STOP-MAL-USER] user@router# show

term one { from {

source-address { 200.200.200.0/24;

}

destination-address { 100.100.100.10/32;

}

protocoltcp; destination-port http;

}

then reject;

}

term two { then { accept;

}

}

Answer: D

Question No: 242 – (Topic 3)

A network administrator would like to view detailed interface status, properties, statistics,

errors, and CoS packet counters.

Which operational command will display this information?

show interfaces extensive

show interfaces

show configuration interfaces

show interface status

Answer: A

Question No: 243 – (Topic 3)

Which statement is true regarding the Network Time Protocol (NTP) on Junos devices?

MD5 authentication is supported by the Junos OS.

Server mode is not supported by the Junos OS.

The Junos OS can provide a primary time reference.

The Junos OS does not support the use of a boot server.

Answer: A

Question No: 244 – (Topic 3)

Which command will display only direct routes?

show route

show route inet.0 direct

show ip route direct

show route protocol direct

Answer: D

Question No: 245 – (Topic 3)

– Exhibit –

[edit routing-options] user@router# show static {

defaults { metric 10;

preference 10;

}

route 10.10.10.0/24 { next-hop 192.168.100.1;

qualified-next-hop 192.168.200.1;

preference 6;

}

metric 8;

}

}

– Exhibit –

Given the configuration shown in the exhibit, which statement is correct about traffic matching the route 10.10.10.0/24?

It will be forwarded to 192.168.100.1 using a metric of 10.

It will be forwarded to 192.168.100.1 using a metric of 8.

It will be forwarded to 192.168.200.1 using a metric of 8.

It will be forwarded to 192.168.200.1 using a metric of 10.

Answer: C

Question No: 246 – (Topic 3)

What is the default protocol preference for OSPF internal routes?

10

15 C. 150 D. 160

Answer: A

Question No: 247 – (Topic 3)

– Exhibit –

[edit firewall family inet filter COS-CLASSIFIER] user@router# show

term MANAGER { from {

source-address { 192.168.200.0/25;

}

destination-address { 100.100.100.1/32;

}

}

then {

forwarding-class expedited-forwarding; accept;

}

}

term ALL-OTHER-TRAFFIC {

then accept;

}

[edit interfaces ge-0/0/1] user@router# show

unit 0 { familyinet { filter {

input COS-CLASSIFIER;

}

address 192.168.200.1/24;

}

}

– Exhibit –

Referring to the exhibit, which type of classifier is being used in this CoS configuration?

behavior aggregate

policer

multifield

forwarding policy

Answer: C

Question No: 248 – (Topic 3)

When using the monitor traffic command on Junos devices, which UNIX-based utility is accessed?

snoop

tcpdump

monitor

tail

Answer: B

Question No: 249 – (Topic 3)

You have a network containing 120 routers. You must establish and maintain connectivity between the loopback interfaces of all routers. Because of the critical services using the network, you need redundancy and fast failover.

Which routing protocol should you use in this scenario?

OSPF

RIP

BGP

static

Answer: A

Question No: 250 – (Topic 3)

There are three static routes in the routing table that need to be announced to your OSPF peers.

Which method is used to accomplish this?

Apply an import policy to OSPF that injects the static routes into OSPF.

Apply an import policy to the static routes that injects the static routes into OSPF.

Apply an export policy to the static routes that injects the static routes into OSPF.

Apply an export policy to OSPF that injects the static routes into OSPF.